BSI presents updated C5 catalog
Posted: Sun Feb 02, 2025 6:11 am
Bonn/Frankfurt, January 21, 2020. Since its publication in 2016, the BSI’s “Cloud Computing Compliance Criteria Catalogue” ( C5 ) has become an established standard for cloud security that has been implemented nationally and internationally in many cases.
Since cloud technologies are subject to rapid innovation, the BSI has now subjected the C5 to a comprehensive revision. The revised and updated C5 was presented today at an event in Frankfurt am Main.
“With the C5 criteria catalogue, we are successfully europe gambling data shaping information security in an important area of digitalization. The C5 is used by cloud providers of all sizes to demonstrate the security of cloud services.
This success story of the C5 shows that cyber security 'Made in Germany' can be an integrated component of innovative digital offerings worldwide that enable us all to be more comfortable, efficient and effective," emphasises BSI President Arne Schönbohm.
The updates to the C5 criteria catalogue include both the formal regulations and the C5 criteria, which have been adapted to the current state of the art. The experiences of cloud users, providers and auditors have been incorporated into the revision.
The C5 also contains a new domain on product security and thus now also takes into account the regulations and requirements of the EU Cybersecurity Act, which came into force in 2019. In addition, the proof route via direct testing has been opened up - especially for smaller cloud providers.
Since cloud technologies are subject to rapid innovation, the BSI has now subjected the C5 to a comprehensive revision. The revised and updated C5 was presented today at an event in Frankfurt am Main.
“With the C5 criteria catalogue, we are successfully europe gambling data shaping information security in an important area of digitalization. The C5 is used by cloud providers of all sizes to demonstrate the security of cloud services.
This success story of the C5 shows that cyber security 'Made in Germany' can be an integrated component of innovative digital offerings worldwide that enable us all to be more comfortable, efficient and effective," emphasises BSI President Arne Schönbohm.
The updates to the C5 criteria catalogue include both the formal regulations and the C5 criteria, which have been adapted to the current state of the art. The experiences of cloud users, providers and auditors have been incorporated into the revision.
The C5 also contains a new domain on product security and thus now also takes into account the regulations and requirements of the EU Cybersecurity Act, which came into force in 2019. In addition, the proof route via direct testing has been opened up - especially for smaller cloud providers.